package cn.lj.logistics.shiro;

import java.util.ArrayList;
import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import cn.lj.logistics.pojo.User;
import cn.lj.logistics.pojo.UserExample;
import cn.lj.logistics.pojo.UserExample.Criteria;
import cn.lj.logistics.service.PermissionService;
import cn.lj.logistics.service.UserService;

public class CustomRealm extends AuthorizingRealm{
	
	@Autowired
	private UserService userService;
	
	@Autowired
	private PermissionService permissionService;
	
	//认证方法
		@Override
		protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
			// 获取token（表单提交的账号）的身份
			String username = (String) token.getPrincipal();
			
			//从数据库中根据账号查询是否存在此用户
			UserExample example = new UserExample();
			Criteria criteria = example.createCriteria();
			criteria.andUsernameEqualTo(username);
			List<User> users = userService.selectByExample(example );
			
			//账号数据库中不存在，直接返回null，Shiro底层抛：org.apache.shiro.authc.UnknownAccountException
			if(users.size() == 0) {
				return null;
			}
			
			User user = users.get(0);
			
			System.out.println("user :"+user);

			ByteSource credentialsSalt = ByteSource.Util.bytes(user.getSalt());
			
			return new SimpleAuthenticationInfo(user, user.getPassword(), credentialsSalt , this.getName());		
		}
//授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		
		 //获取主身份
		User user=(User) principals.getPrimaryPrincipal();
		 
		  System.out.println(user); //将当前认证的身份（用户）的角色的权限id切割成数组 String[]
	
		//将当前认证的身份（用户）的角色的权限id切割成数组
			String[] permissionIdsArr = user.getPermissionIds().split(",");
			System.out.println(permissionIdsArr);
			List<Long> permissionIdsList = new ArrayList<Long>();
			for (String permissionId : permissionIdsArr) {
				permissionIdsList.add(Long.valueOf(permissionId));
			}
			System.out.println("permissionIdsList :"+permissionIdsList);
			List<String> permissions = permissionService.selectExpressionByIds(permissionIdsList);
			
			System.out.println("permissions :"+permissions);
			//[admin:adminPage, system:systemManager, role:rolePage, permission:permissionPage, admin:list, admin:insert, admin:delete, admin:update, role:insert, role:update]
			SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
			//将身份的角色设置Shiro
			authorizationInfo.addRole(user.getRolename());
			
			//将权限表达式设置给Shiro
			authorizationInfo.addStringPermissions(permissions);
		return authorizationInfo;  
	}


}
